Add latest changes from gitlab-org/gitlab@master

7 files changed, 68 insertions, 22 deletions

diff --git a/doc/architecture/blueprints/secret_detection/index.md b/doc/architecture/blueprints/secret_detection/index.md
index 26551367a7c..5dca2efcf37 100644
--- a/doc/architecture/blueprints/secret_detection/index.md
+++ b/doc/architecture/blueprints/secret_detection/index.md
@@ -1,5 +1,5 @@
 ---
-status: proposed
+status: ongoing
 creation-date: "2022-11-25"
 authors: [ "@theoretick" ]
 coach: "@DylanGriffith"
@@ -123,6 +123,23 @@ Given our existing familiarity with the tool and its extensibility, it should
 remain our engine of choice. Changes to the detection engine are out of scope
 unless benchmarking unveils performance concerns.
 
+Notable alternatives include high-performance regex engines such as [hyperscan](https://github.com/intel/hyperscan) or it's portable fork [vectorscan](https://github.com/VectorCamp/vectorscan).
+
+### High-level architecture
+
+The implementation of the secret scanning service is highly dependent on the outcomes of our benchmarking
+and capacity planning against both GitLab.com and our
+[Reference Architectures](../../../administration/reference_architectures/index.md).
+As the scanning capability must be an on-by-default component of both our SaaS and self-managed
+instances [the PoC](#iterations), the deployment characteristics must be considered to determine whether
+this is a standalone component or executed as a subprocess of the existing Sidekiq worker fleet
+(similar to the implementation of our Elasticsearch indexing service).
+
+Similarly, the scan target volume will require a robust and scalable enqueueing system to limit resource consumption.
+
+See [this thread](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/105142#note_1194863310)
+for past discussion around scaling approaches.
+
 ### Push event detection flow
 
 ```mermaid
@@ -151,17 +168,20 @@ sequenceDiagram
 
 ## Iterations
 
-1. Requirements definition for detection coverage and actions
-1. PoC of secret scanning service
-    1. gRPC commit retrieval from Gitaly
-    1. blob scanning
-    1. benchmarking of issuables, comments, job logs and blobs to gain confidence that the total costs will be viable
-1. Implementation of secret scanning service MVC (targeting individual commits)
-1. Security and readiness review
-1. Deployment and monitoring
-1. Implementation of secret scanning service MVC (targeting arbitrary text blobs)
-1. Deployment and monitoring
-1. High priority domain object rollout (priority `TBD`)
-    1. Issuable comments
-    1. Issuable bodies
-    1. Job logs
+- [x] Define [requirements for detection coverage and actions](https://gitlab.com/gitlab-org/gitlab/-/issues/376716)
+- [x] Implement [Clientside detection of GitLab tokens within comments/issues](https://gitlab.com/gitlab-org/gitlab/-/issues/368434)
+- [ ] PoC of secret scanning service
+      - [ ] Benchmarking of issuables, comments, job logs and blobs to gain confidence that the total costs will be viable
+      - [ ] Capacity planning for addition of service component to Reference Architectures headroom
+      - [ ] Service capabilities
+          - [ ] gRPC commit retrieval from Gitaly
+          - [ ] blob scanning
+- [ ] Implementation of secret scanning service MVC (targeting individual commits)
+- [ ] Security and readiness review
+- [ ] Deployment and monitoring
+- [ ] Implementation of secret scanning service MVC (targeting arbitrary text blobs)
+- [ ] Deployment and monitoring
+- [ ] High priority domain object rollout (priority `TBD`)
+      - [ ] Issuable comments
+      - [ ] Issuable bodies
+      - [ ] Job logs
diff --git a/doc/ci/testing/code_quality.md b/doc/ci/testing/code_quality.md
index ff7e11e9c71..ebcaffd0434 100644
--- a/doc/ci/testing/code_quality.md
+++ b/doc/ci/testing/code_quality.md
@@ -76,7 +76,7 @@ tab of the pipeline's details page.
 
 ### Project quality view
 
-The project quality view displays an overview of the code quality findings.
+The project quality view displays an overview of the code quality findings. The view can be found under **Analytics > CI/CD**, and requires [`project_quality_summary_page`](../../user/feature_flags.md) feature flag to be enabled for this particular project.
 
 ![Code Quality Summary](img/code_quality_summary_15_9.png)
 
diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md
index 4731e09474c..caad1619bc0 100644
--- a/doc/user/application_security/coverage_fuzzing/index.md
+++ b/doc/user/application_security/coverage_fuzzing/index.md
@@ -15,6 +15,9 @@ We recommend that you use fuzz testing in addition to the other security scanner
 and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md),
 you can run your coverage-guided fuzz testing as part your CI/CD workflow.
 
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, see [Coverage Fuzzing](https://www.youtube.com/watch?v=bbIenVVcjW0).
+
 ## Coverage-guided fuzz testing process
 
 The fuzz testing process:
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index 3cb8967afd2..1f4506a22e5 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -15,6 +15,9 @@ visible from the source code.
 Dynamic Application Security Testing (DAST) examines applications for
 vulnerabilities like these in deployed environments.
 
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, see [Dynamic Application Security Testing (DAST)](https://www.youtube.com/watch?v=nbeDUoLZJTo).
+
 NOTE:
 To learn how four of the top six attacks were application-based and how
 to protect your organization, download our
diff --git a/doc/user/application_security/dependency_list/index.md b/doc/user/application_security/dependency_list/index.md
index f46c5e5e801..e02cc5929a6 100644
--- a/doc/user/application_security/dependency_list/index.md
+++ b/doc/user/application_security/dependency_list/index.md
@@ -13,6 +13,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 Use the dependency list to review your project's dependencies and key
 details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings.
 
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, see [Project Dependency](https://www.youtube.com/watch?v=ckqkn9Tnbw4).
+
 To see the dependency list, go to your project and select **Security and Compliance > Dependency list**.
 
 This information is sometimes referred to as a Software Bill of Materials, SBOM, or BOM.
diff --git a/doc/user/packages/dependency_proxy/index.md b/doc/user/packages/dependency_proxy/index.md
index 8dc3c98795b..1ed57d8a7b1 100644
--- a/doc/user/packages/dependency_proxy/index.md
+++ b/doc/user/packages/dependency_proxy/index.md
@@ -350,5 +350,17 @@ a minimum of the Guest role in the specified Dependency Proxy group:
 ```plaintext
 ERROR: gitlab.example.com:443/group1/dependency_proxy/containers/alpine:latest: not found
 
-failed to solve with frontend dockerfile.v0: failed to create LLB definition: gitlab.example.com:443/group1/dependency_proxy/containers/alpine:latest: not found
+failed to solve with frontend dockerfile.v0: failed to create LLB definition: 
+gitlab.example.com:443/group1/dependency_proxy/containers/alpine:latest: not found
 ```
+
+```plaintext
+ERROR: Job failed: failed to pull image
+"gitlab.example.com:443/group1/dependency_proxy/containers/alpine:latest" with specified policies [always]:
+Error response from daemon: error parsing HTTP 404 response body:
+unexpected end of JSON input: "" (manager.go:237:1s)
+```
+
+NOTE:
+The work to correctly display `Access denied` errors in such cases is being tracked in the following issue:
+[Dependency proxy error reporting confusing - "404/not found" should be "access denied" when not group member](https://gitlab.com/gitlab-org/gitlab/-/issues/354826).
diff --git a/doc/user/project/integrations/slack.md b/doc/user/project/integrations/slack.md
index 09e7189d4f5..1bc09dfe367 100644
--- a/doc/user/project/integrations/slack.md
+++ b/doc/user/project/integrations/slack.md
@@ -3,14 +3,17 @@ stage: Manage
 group: Integrations
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
 ---
+<!--- start_remove The following content will be removed on remove_date: '2024-05-22' -->
 
-# Slack notifications **(FREE)**
+# Slack notifications (deprecated) **(FREE)**
 
 WARNING:
-This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/372411) on GitLab.com
-in GitLab 15.9 and is [planned for removal](https://gitlab.com/groups/gitlab-org/-/epics/8673).
-For GitLab.com, use the [GitLab for Slack app](gitlab_slack_application.md) instead.
-For self-managed GitLab instances, you can continue to use this feature.
+This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/372411) in GitLab 15.9
+and is planned for removal in 17.0. Use the [GitLab for Slack app](gitlab_slack_application.md) instead.
+This change is a breaking change.
+
+For the planned support of the GitLab for Slack app for self-managed instances,
+see [epic 1211](https://gitlab.com/groups/gitlab-org/-/epics/1211).
 
 The Slack notifications integration enables your GitLab project to send events
 (such as issue creation) to your existing Slack team as notifications. Setting up
@@ -150,3 +153,5 @@ p.each do |project|
   project.slack_integration.update!(:active, false)
 end
 ```
+
+<!--- end_remove -->